<?php 
	session_start();
	session_destroy();
	ob_start();
?>

<html>
	<head>
		<title> Gestation Growth Potential </title>
		<link rel="stylesheet" type="text/css" href="css/login_style.css">
	</head>
	<body>
		<div id="wrapper" style="margin-top:100px;">
			<div id="logo">
				<!-- untuk menampilkan pesan error -->
				<div style="color:#ff0000; margin-top:25px; font-color:red; font-size:10px; margin-bottom:5px;margin-left:15%;float:left;"> </div>
			</div>
			<div style="clear:both;"> 
			</div>
			<div style="text-align:center;margin-bottom:5px; font-color:#B9080E; font-size:11px;">
			<?php
				$con = mysql_connect("localhost","root","") or die("Can't connect to database. Contact Your Administrator.");	
				if (!mysql_select_db("gestation")) {
					mysql_query("CREATE DATABASE gestation");
					mysql_select_db("gestation",$con);
					
					$sql = "CREATE TABLE IF NOT EXISTS `mother` (
					`mother_id` int(11) NOT NULL AUTO_INCREMENT,
					`mother_name` varchar(100) NOT NULL,
					`mother_address` text,
					`mother_birthdate` date NOT NULL,
					`mother_etnis` int(11) NOT NULL,
					`mother_parity` int(11) NOT NULL,
					`mother_height` decimal(10,0) NOT NULL,
					`mother_weight` decimal(10,0) NOT NULL,
					PRIMARY KEY (`mother_id`)
					) ENGINE=InnoDB  DEFAULT CHARSET=latin1 COMMENT='Tabel data ibu' AUTO_INCREMENT=3 ;";
					mysql_query($sql,$con);
					
					$sql1 = " CREATE TABLE IF NOT EXISTS `embrio` (
					  `embrio_id` int(11) NOT NULL AUTO_INCREMENT,
					  `embrio_mother_id` varchar(25) NOT NULL,
					  `embrio_edd` date NOT NULL,
					  `embrio_sex` int(11) NOT NULL COMMENT '1 : male, 0 :female',
					  PRIMARY KEY (`embrio_id`)
					) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=4 ;";
					mysql_query($sql1,$con);
					
					$sql2 = " CREATE TABLE IF NOT EXISTS `measurement` (
					  `measurement_id` bigint(25) NOT NULL AUTO_INCREMENT,
					  `measurement_embrio_id` varchar(25) NOT NULL,
					  `measurement_height` decimal(10,0) NOT NULL,
					  `measurement_weight` decimal(10,0) DEFAULT NULL,
					  `measurement_date` date NOT NULL,
					  PRIMARY KEY (`measurement_id`)
					) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=10 ;";
					mysql_query($sql2,$con);	
					
					$sql3 = "CREATE TABLE IF NOT EXISTS `user` (
						  `user_id` int(11) NOT NULL AUTO_INCREMENT,
						  `user_name` varchar(100) NOT NULL,
						  `user_username` varchar(100) NOT NULL,
						  `user_password` varchar(100) NOT NULL,
						  PRIMARY KEY (`user_id`)
						) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;";
					mysql_query($sql3,$con);
					
					/* Dump username */
					$sql4 = " INSERT INTO `user` (`user_id`, `user_name`, `user_username`, `user_password`) VALUES (1, 'Yudi', 'yudi', 'yudi');";
					mysql_query($sql4,$con);
				}

				/* Login handler */
				mysql_select_db("gestation") or die("Cannot select DB. Contact your web administrator.");		
				
				if (isset($_POST['login_submit'])) {
					$username=$_POST['user_name']; 		
					$password=$_POST['user_password']; 
					
					// To protect MySQL injection
					$username = stripslashes($username);
					$password = stripslashes($password);
					$username = mysql_real_escape_string($username);
					$password = mysql_real_escape_string($password);
					
					$sql="SELECT user_id, user_name FROM user WHERE user_username='$username' and user_password='$password'";
					$result = mysql_query($sql, $con) or die("Error. Contact your administrator");
					
					// If result matched
					if(mysql_num_rows($result)==1){
						// Register $myusername, $mypassword and redirect to file "input_pasien.php"
						session_start();
						$row = mysql_fetch_row($result);
						$_SESSION['username'] = $username;
						$_SESSION['password'] = $password;
						$_SESSION['user_name'] = $row[1]; //user real name
						
						//redirect
						header("location:cari_pasien.php");
					}
					else {
						echo "Wrong Username or Password";
					}
				}
				ob_flush();
			?>
			</div>
			<div id="blue">
				<div id="sign">
					<form id="signin" name="login" action="index.php" method="post">
						<table>
							<tr>
								<td class="formfieldname">Username</td>
								<td>
								<input type="text" id="username" name="user_name" value="" class="formtextfield" placeholder="Please Fill Username" required="Please Fill Username">
								</td>
							</tr>
							
							<tr>
								<td class="formfieldname">Password</td>
								<td>
								<input type="password" id="password" name="user_password" value="" class="formtextfield" placeholder="Please Fill Password" required="Please Fill Password">
								</td>
							</tr>
							
							<tr>
								<td>
								</td>
								<td>
									<input type="submit" name="login_submit" value="Login" style="width:80px;"> 
								</td> 								
							</tr>
						</table>
					</form>
				</div>
			</div>	
		</div>
	</body>
</html>